[ISN] Spam Spoofs FTC E-Mail To Distribute Keylogger

From: InfoSec News (alerts@private)
Date: Tue Oct 30 2007 - 00:20:24 PST


http://www.informationweek.com/news/showArticle.jhtml?articleID=202603073

By Thomas Claburn
InformationWeek
October 29, 2007 06:00 PM

The Federal Trade Commission, which regularly goes after spammers for 
violating the law, Monday warned that a spammer is sending out bogus 
e-mail messages that purport to come from the FTC.

The FTC said that the fraudulent e-mail makes reference to an FTC 
complaint supposedly filed against the message's recipient. The message 
includes links and an attachment that download a virus.

"Simply opening the e-mail does not appear to cause harm," said the FTC. 
"However, it is likely that anyone who has opened the e-mail's 
attachment or clicked on the links has downloaded the virus on their 
computer, and should run an anti-virus program. The virus appears to 
install a 'key logger' that could potentially grab passwords and account 
numbers."

The apparent originating e-mail address, frauddep@private, is 
fraudulent, according to the FTC, as is the information in the message's 
return-path and reply-to fields. "While the e-mail includes the FTC 
seal, it has grammatical errors, misspellings, and incorrect syntax," 
the FTC said.

The FTC has asked recipients of such messages to forward them to 
spam@private and then to delete them.

Last week, SophosLabs said that the United States relayed 28.4% of the 
world's spam, more than five times more than the number two relaying 
country, South Korea (5.2%). "Relaying" in this context refers to 
computers, "zombies" typically, that send spam at the behest of a remote 
spammer, who may or may not be in the same country.

"The problem is there are thousands of spammers using many thousands of 
compromised zombie computers in the US," said Carole Theriault, senior 
security consultant at Sophos, in a statement. "The only way we're going 
to reduce the problem is if US authorities invest a lot more in 
educating computer users of the dangers, while ensuring ISPs step up 
their monitoring efforts to identify these compromised machines as early 
as possible."




